End-to-end encryption may be the bane of cops, but they can't close that Pandora's Box

Police can complain all they like about strong end-to-end encryption making their jobs harder, but it doesn't matter because the technology is here and won't go away.  That's what Robin Wilton, director of internet trust at the Internet Society, told us when we spoke recently about the state of E2EE in light of Europol …

  1. david1024

    Yeah. But...

    So, while it is true that I can write a simple bash or PowerShell script that will let me and my friends communicate with perfect forward secrecy... That's not what all these wide nets are really for.

    What the cops don't like is making it so easy a criminal doesn't mess it up-- 'cause that's the real problem here. I wish they'd stop trying to make me a criminal too.

    1. Catkin Silver badge

      Re: Yeah. But...

      I wouldn't discount snagging people who are committing victimless non-crimes that would be undetected by everyone without draconian privacy invasions. It helps to get the numbers up.

      1. Mike 137 Silver badge

        Re: Yeah. But...

        "It helps to get the numbers up"

        As (here in Blighty) do "non-crime hate incidents". Oh dear, the online ones will go undetected if E2EE is used.

    2. Alumoi Silver badge
      Joke

      Re: Yeah. But...

      Citizen, if you have nothing to hide....

  2. TimMaher Silver badge
    Windows

    And good does not always triumph.

    Especially when the roz get involved.

    Have they really not understood anything since the sixteenth century?

    Encryption is there for a reason.

    If they don’t like somebody they should get off their arse, go over to where the suspect is and make them show the messages.

    Any decent E2EE app will blank screen shots so the roz will have to take their own camera.

    Good article.

    1. bazza Silver badge

      Re: And good does not always triumph.

      >If they don’t like somebody they should get off their arse, go over to where the suspect is and make them show the messages.

      Tricky thing is there is this concept called "due process", and we're all entitled to that process being adhered to regardless of whether one is the local well known scallywag with a finger in every rotten scam going, or the old lady next door who bakes us cakes. Otherwise you end up with Constable Savage.

      Readily available cast iron E2EE is no doubt a big advantage to the criminally minded. Western democratic settled societies don't really need E2EE. It's only really existed on a widespread basis for 10, 15 years, and everything was just fine before then (for a reasonably good measure of "fine").

      However, ultimately it's a matter for the democratic process. In a democracy, policing is done with the consent of the people. If the democratic process chooses to allow the job of policing to become harder, or less well funded, or badly run, then the people get to enjoy the consequences of that. If it's to be done better, at a higher quality and less corruption, everyone has to take more of an interest in it. Ultimately, it is disinterestedness in one's own society and how it works that allows bad things to happen. What I think is happening in a lot of countries is there are growing and contradictory pressures; there's more to do, but people always vote for whichever politician takes less tax off them, and so the suggested policies become ever more extreme.

      1. Tubz Silver badge

        Re: And good does not always triumph.

        policing is done with the consent of the people .. sorry, but this statement is so long out of date, consent can no longer be withdrawn, the most you get is voting for your local crime commissioner. The problem all countries have, is we don't trust the security services, they have been proven to break the law when they see fit, no punishment and generally are as bad as the criminals they are supposed to protect us from and in a lot of cases don't even uphold the law or understand it themselves, last bunch of UK pro-xxx protests have shown this.

        1. katrinab Silver badge
          Megaphone

          Re: And good does not always triumph.

          No. Even in North Korea, there has to be some level of consent to policing. Not necessarily enthusiastic consent, but a baseline level of consent. Other dictatorships have quickly crumbled when that was no longer there.

          1. SVD_NL Silver badge

            Re: And good does not always triumph.

            Consent is more easily gained if you ignore small hurdles such as basic human rights.

            I also think compliance would be a better word here.

          2. Michael Wojcik Silver badge

            Re: And good does not always triumph.

            When withholding consent means nothing unless you can get an overwhelming majority to do so, and even then there's a high probability for any given individual of being killed for doing so, "consent" means very little.

            More importantly, perhaps, the idea of "consenting" to government power is at least a century out of date. Even in modern representative democracies, such as they are, power does not operate through a rational decision on the part of the polis to endorse the social contract. If you believe Graeber and Wengrow (and they make a good argument), there have been societies where that was the case; but that's not how industrialized capitalist nation-states work. Ideology, interpellation, the desire to be subject to power... "consent" is simply not a meaningful, explanatory interpretation of how political power is structured at the state level for essentially all extant nations.

            1. bazza Silver badge

              Re: And good does not always triumph.

              Er, we're talking about policing powers, not governmental powers. There's not many countries where police are political employees, not even the USA really, where the head of the FBI is politically appointed (the rank and file are not), and maybe the local sheriff is elected. Those countries where the police are an arm of the political powerbase and do what the politicians command tend to be autocratic dictatorships. Those countries where there really is rule of law - i.e. politicians get arrested too and go to jail under the terms of the laws they themselves are curators of - tend to be functioning democracies.

              There is no such thing as "political power" in a democracy. All the politicians do is pass laws, and decide how public funds are spent. That may result in a perception of "holding power", but it's only an in-bulk, money incentivised thing; they have to pay people to do the things they want done. Money is persuasive, but not all-powerful. Politicians simply have access to an awful lot of it. So do billionaires, and whilst a billionaire can also be extremely persuasive, they can't actually make anyone do something either. They, like politicians, cannot actually force any specific person to do a specific thing, and in that sense they have no power. Only someone with a warrant (e.g. a policeman with a good reason) can interfere with what someone wants to do (by arresting them), and only a Judge can actually issue an order to make someone do something, or dish out consequences for failing to follow it, and only then after due process. That's why it's called the "rule of law"; it's the Judges on behalf of the law itself who have the power, not the people who write them.

              And you misunderstand "consent". For example, littering. In most countries, littering is illegal. If you see someone doing it, you've witnessed a crime. Yet if you don't report that to the police, you are withholding consent for that crime to be policed; you have taken a decision to let that criminal evade justice, and you are choosing to be party to it. By that measure, almost no one consents to littering being policed, yet we all suffer the consequences of it (we have to pay for street sweepers to clear up the mess).

              Ok, so littering is a "trivial" example (except that, at scale, it's highly polluting). How about speeding? How about seeing someone being racially abused at a football match? How about a mate in a club who is pestering a girl and she clearly doesn't want it? How about someone down the pub boasting about their crafty social support con, or their tax fiddle? If one is not prepared to phone up the police and give them the registration plate, or the names of the abusers, or the name of the sex pest, or the name of the social security or tax fraudster, are those then crimes that one is essentially quite happy with going on?

              The police cannot police unless those who see crimes actually do report them, and are prepared to be witnesses for the prosecution.

              There's a lot of folk not doing that. There's also folk (well, tech companies) making tools (such as E2EE) to make it easy to hide the existence of crime in the first place. That contrasts nicely with politicians being under pressure to "bring down crime figures". So, the inevitable result is that police are given more means to be able to spot crime for themselves. Hence, CCTV, large scale tools, AI facial recognition, etc. We're not about to pay for every sweet wrapper to be closely watched by a policeman, lest someone drops it...

        2. Anonymous Coward

          Re: And good does not always triumph.

          And don't forget, the police/security services also use encryption on their networks...

          Guilty, m'lud!!

          1. Disgusted of Cheltenham

            Re: And good does not always triumph.

            Do you have any evidence for this claim?

      2. Anonymous Coward

        Re: And good does not always triumph.

        The problem is that the authorities used to have to ask for a wire tap and they could then tap your phone. Now they want to routinely intercept all communications... just in case.

        It used to be that chat amongst my friends was 100% private... unless you were within earshot.... now a lot of that's moved to social media but I don't see why the police or anyone should suddenly get access to it just because they fancy it.

        The authorities didn't used to know who I wrote letters to or chatted to in the pub so why should they get to know who I message on Signal?

    2. Anonymous Coward

      Re: And good does not always triumph.

      errrrrr......................Wayne Couzens, David Carrick...........................

      Yup......too true!!

  3. xyz123 Silver badge

    Europol - the same organization that takes cash bribes from Putin and China to hunt down and arrest dissidents of those two failed states and deport them back to face torture and execution.

    Europol is a laughing stock, private Stasi of dictators the world over.

    1. ritmo2k

      Are you referring to dissidents that actually are colluding with western governments, you know, like the one with over a hundred coups attributed to their "democratic" name?

    2. mirachu Bronze badge

      Putin doesn't need Europol, he already has covert organizations that can do what he needs.

    3. Petalium

      Considering Reinhard Heydrich was once the head of Interpol, nothing surprises me regarding that organization.

  4. Anonymous Coward

    Hmmmm

    I've written an E2EE that uses a webcam to read a handwritten page and delivers it as an encrypted spoken MP3 in Latin. No plaintext on any system.

    Go on, arrest me.

    1. TimMaher Silver badge
      Coat

      Re: Latin

      Nil illegitimii carborundum te.

      1. xyz Silver badge

        Re: Latin

        Romans go home?

    2. Anonymous Coward

      Re: Hmmmm

      If you could make it so the Latin is wrong it would be ideal for communicating with the haunted pencil and Spaffer

  5. Boris the Cockroach Silver badge
    Facepalm

    The bits I love

    is where they want 'backdoors' put in... or think that public/private key encryption can be easily broken.

    Especially the 'backdoors' that will be found by the first person who examines the program with a disassembler.... (coming soon.. banning those too.. only a criminal would need one)

    But then if I was the terrorist hell bent on doing terroristy things, the communication instructions would be given in plain English rather than an encrypted message

    "The swallows fly south in winter" = You must get coconuts

    "Build a wooden rabbit" = we attack tomorrow at dawn

    1. A.P. Veening Silver badge

      Re: The bits I love

      "Beware of Greeks bearing gifts" = We give the police a Trojan.

      1. jake Silver badge

        Re: The bits I love

        Beware of geeks using git ...

      2. ChoHag Silver badge

        Re: The bits I love

        That would be "geeks".

    2. Will Godfrey Silver badge

      Re: The bits I love

      As I've mentioned before. There was a SciFi story in the 1960s where a group were passing messages quite invisibly by people walking dogs. The message was the number and colour of the dogs.

      1. jonesthechip

        Re: The bits I love

        Can you provide the title of the SciFi work mentioned, please?

        I just need to see how many dogs/breeds I need for suitable messaging.

        1. rafff

          Re: The bits I love

          "I just need to see how many dogs/breeds I need for suitable messaging."

          Only two, if you use binary coding

          1. jmch Silver badge

            Re: The bits I love

            "Only two, if you use binary coding"

            Yes, but in that case you're going to be taking LOTS of walks!!

            1. Michael Wojcik Silver badge

              Re: The bits I love

              You can do it with just one, e.g. by walking on the left or right side of the dog.

              But of course you'll want both higher bandwidth and more confusion to make decryption more difficult. So add more symbols. More and different dogs is a possibility, but so are choice of clothing, time of day, who walks the dogs if there are multiple operators available, and so on. Make some symbols meaningless in certain combinations so you can vary them to add noise to the channel.

              The main issue with codes, as opposed to ciphers, is they require distribution of large keys over secure channels; so they're only useful when the secure channels are available under some conditions that apply to the interlocutors, but not under others where the codes are desirable.

              If you want a pen-and-pencil cipher, the Solitaire Cipher created by Schneier and featured in Stephenson's Cryptonomicon is a good choice. Its key has a lot of entropy but is physically compact and innocuous (a deck of playing cards). You do have to be careful not to mix the cards up.

        2. Will Godfrey Silver badge

          Re: The bits I love

          Believe me, I wish I could remember it! I don't even remember most of the story. As a teenager I hoovered up SciFi stories. Analog, Fantasy&Science Fiction, and a host of individual authors, and later an Uncle got me a couple of years subscription to the Readers Union Science Fiction Book Club - still got quite a lot of the books and paperbacks :)

      2. Jamie Jones Silver badge

        Re: The bits I love

        ChatGPT can often help with queries like that

        1. 42656e4d203239 Silver badge

          Re: The bits I love

          >>ChatGPT can help with queries like that

          If by 'help' you mean 'hallucinate answers' then yup, it can help.

          Sauce: asked it about a vaguely remembered (yet fairly specific) book from SWMBO's past and it spaffed believable, yet incorrect, gibberish.

          1. Jamie Jones Silver badge
            Thumb Up

            Re: The bits I love

            Oh yeah. The one thing it's an expert in is confidently supplying correct-looking answers that are complete bollocks! Perhaps in this case, though, it didn't like the sauce you gave it? *grin*

            However, the previous author only needs something to prompt his memory - he won't be going in blind!

    3. Gene Cash Silver badge

      Re: The bits I love

      > "Build a wooden rabbit" = we attack tomorrow at dawn

      That's known as a "one time pad" where you have a bunch of preagreed messages to pass, and it's indeed unbreakable.

      However, if something comes up that isn't in the pad already, you're SOL, so it trades flexibility for secrecy.

      1. Sorry that handle is already taken. Silver badge

        Re: The bits I love

        A one-time pad isn't a pre-agreed selection of code words, it's a single-use encryption key that simply has to be at least as long as the message being sent. If your message is longer than page 1 of your "pad", continue on page 2...

        1. katrinab Silver badge

          Re: The bits I love

          You still need a secure way to transmit the pad though.

          It basically allows you to deliver the message before you write it.

      2. Michael Wojcik Silver badge

        Re: The bits I love

        > That's known as a "one time pad" where you have a bunch of preagreed messages to pass, and it's indeed unbreakable.

        OP's code is neither an OTP nor (as described) unbreakable.

        A dictionary code, which is what OP described, is unbreakable iff the code is random (the code symbols, in this case phrases or sentences, are unrelated to one another and to the corresponding plaintext symbols), the range of plaintext symbols is large, only a small portion of that range is ever exercised, and no code symbol is ever used more than once. Otherwise some information entropy is leaked and the code is not theoretically unbreakable.

        OTPs are random, and therefore not correlated with the plaintext, and therefore indifferent to the plaintext.

        As others have pointed out, the downfall of OTPs (besides misunderstandings and implementation errors) is key distribution, since the key must contain at least as much information entropy as the message.
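
Added example, not part of any commenter's post: a Python sketch of the distinction drawn in the replies above between a one-time pad (single-use key material at least as long as the message) and a dictionary code whose symbols repeat. All class and function names, the codebook and the sample messages are constructed for illustration.

```python
import secrets
from collections import Counter

# Constructed codebook borrowing the thread's phrases (illustrative only).
CODEBOOK = {
    "get coconuts": "The swallows fly south in winter",
    "meet at dawn": "Build a wooden rabbit",
}


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


class OneTimePad:
    """One party's copy of a pre-shared pad; every pad byte is consumed once."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._offset = 0  # index of the first unused pad byte

    def remaining(self) -> int:
        return len(self._pad) - self._offset

    def _take(self, n: int) -> bytes:
        if n > self.remaining():
            raise ValueError("pad exhausted: need as much key as message")
        chunk = self._pad[self._offset:self._offset + n]
        self._offset += n  # the same pad bytes are never handed out twice
        return chunk

    def encrypt(self, plaintext: bytes) -> bytes:
        return xor_bytes(plaintext, self._take(len(plaintext)))

    def decrypt(self, ciphertext: bytes) -> bytes:
        # The receiver's copy advances in step with the sender's.
        return xor_bytes(ciphertext, self._take(len(ciphertext)))


def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Return the pad under which `ciphertext` decrypts to `candidate`.

    One exists for every candidate of the same length, so the ciphertext
    alone reveals nothing about the message except its length.
    """
    return xor_bytes(ciphertext, candidate)


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """XOR two ciphertexts made with the SAME pad bytes.

    The pad cancels out and the result equals plaintext1 XOR plaintext2,
    which is why a pad page must never be used twice.
    """
    n = min(len(c1), len(c2))
    return xor_bytes(c1[:n], c2[:n])


def dictionary_encode(codebook: dict, messages: list) -> list:
    """Deterministic dictionary code: same meaning, same code phrase."""
    return [codebook[m] for m in messages]


def repeated_symbols(observed: list) -> dict:
    """What a passive observer learns: which code phrases recur, and how often."""
    return {s: n for s, n in Counter(observed).items() if n > 1}


if __name__ == "__main__":
    pad = secrets.token_bytes(64)          # shared in advance over a secure channel
    sender, receiver = OneTimePad(pad), OneTimePad(pad)
    m1, m2 = b"get coconuts", b"meet at dawn"
    c1, c2 = sender.encrypt(m1), sender.encrypt(m1)   # same message sent twice
    print("OTP ciphertexts differ:", c1 != c2)
    print("receiver reads:", receiver.decrypt(c1), receiver.decrypt(c2))
    print("c1 also 'decrypts' to m2 under another pad:",
          xor_bytes(c1, pad_explaining(c1, m2)))
    seen = dictionary_encode(CODEBOOK, ["get coconuts", "meet at dawn", "get coconuts"])
    print("dictionary code repeats visible to observer:", repeated_symbols(seen))
```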

    4. Malcolm Weir

      Re: The bits I love

      Technically, I believe that's encoding, not encrypting. Dunno what you call it when you have a "generic" method where you have code words for most of your expected vocabulary, and an "escape" codeword that says "use the first letter of the decoded version of the following codewords" which allows you to spell any word you haven't defined a codeword for!

      Either way, determining whether coconuts are en route is impossible unless the system has been infiltrated!

      1. Michael Wojcik Silver badge

        Re: The bits I love

        You call that "an overly complicated and not particularly usable cipher".

        It's also not very secure if you use it to encode more plaintext than a small subset of possible messages, or the same plaintext multiple times, etc.

        Dictionary codes have their uses, but they don't make good general-purpose ciphers. The key is too large, and distribution is problematic. People try to get around this in various ways but usually just end up reinventing book codes or similar.

        (With a book code, the key is the book -- e.g. "the 1999 Penguin edition of Anna Karenina" -- and the code words are something like {page number, word number} pairs. Sometimes it's obfuscated further, but that's the basic concept. The idea with a book code is that the key is generally fairly easy to obtain if you know what it is; technically the key is actually a description of the book, and the book itself is the key schedule. Book codes are good against amateurs and anyone who doesn't want to put too much effort into it. In reality if the information is valuable someone is likely to lead-pipe it from one of the users rather than try to break the code.)

    5. Dr Dan Holdsworth
      FAIL

      Re: The bits I love

      The terrorists in some attacks in Paris did just that: plaintext comms using SMS and code-words. Having the plaintext is absolutely no use whatsoever if you don't know what the codewords mean.

      1. A.P. Veening Silver badge

        Re: The bits I love

        > Having the plaintext is absolutely no use whatsoever if you don't know what the codewords mean.

        And if you wish to drive the plod truly insane, you put the messages with the codewords in a high level but breakable encryption. They get the clear texts they want and still don't know anything (which is the usual state of affairs anyway).

    6. bombastic bob Silver badge
      Pirate

      Re: The bits I love

      recently set up an ad-hoc "bearer" scheme to handle sessions where data could be modified or destroyed by a miscreant.

      You can generate a new public/private key pair via openssl, and each end sends the public key in plain text [even using ssh or https this helps secure the process from possible replay attacks. etc.]

      Then using those one-time generated keys, you send a secret back and forth, like a login + password or some kind of key, getting a one-time hash that ends up in 'bearer' for your session [good for a very limited time, for specific IP addresses, stored in server internal session vars, whatever]

      It's a bit like the way SSL works with the DH key exchange so not a NEW idea, just something easy to set up with an hour of PHP coding and program that uses 'curl' to send a request via https

      And that is the point - any relative newbie programmer with a couple of hours reading 'man openssl' should be able to configure a tightly secured public key based scheme that generates new keys on both ends every time. Good luck cracking THAT, anyone.

  6. Zibob Silver badge

    And what of the cops themselves?

    They are just as likely and proven to have used encryption to the same ends as criminals. But they have encryption, the brotherhood of co-criminals, the government that gave them the power and protection from their own crimes, and a public that is not allowed speak out against any of it lest they be abused in the same way.

    If police want unencrypted messaging then they should have to post their communications in full view of the people too.

    Rules for thee and not for me.

    Impossible to trust the cops when this is the state of things.

  7. jake Silver badge

    Regardless ...

    Strong encryption is in the wild, and has been in the wild for decades. There is no sweeping those worms back into the can, they bolted through the open stable door some decades ago.

    Or, to put it another way, when were you last at a University with a Maths program that didn't have a copy (or several) of Bruce Schneier's "Applied Cryptography" in the library?

    That ship has long since sailed. It's over. Done. Put a fork in it.

    However, these days the concept does provide a handy filter ... anybody babbling about backdoors to catch criminals is clearly quite ignorant on the subject. Vote accordingly.

    1. Yet Another Anonymous coward Silver badge

      Re: Regardless ...

      > University .... Maths program ..."Applied Cryptography"... library.

      Funnily enough they have a solution for that problem

    2. Michael Wojcik Silver badge

      Re: Regardless ...

      Honestly, there are probably thousands of people who could reimplement RC4, or something like it, from memory. Yes, RC4 is breakable under reasonable conditions for something like HTTPS; but for short messages exchanged among a small group, even a well-resourced attacker probably won't accumulate enough ciphertext, particularly if the messages avoid known plaintext.

      But then small groups of people exchanging relatively few, short messages have always been able to keep the contents private if they want to make the effort. Dictionary codes, private languages, etc.

      The problem, of course, is that what the surveillance state really wants is to backdoor popular apps. They wish they could spy on the crypto nerds too, but they (at least the ones with half a clue) know that's wishful thinking. They'll settle for spying on hoi polloi who don't know and don't particularly care whether they're being spied on (until the door's kicked in, of course). Let's face it: most people have no idea whether email or SMS is more or less secure than Signal, for example, or even what Signal is. Maybe they've heard that WhatsApp is encrypted and have a sense that's a good thing, but you can't expect them to understand the details.

  8. Anonymous Coward

    The reason the number of captured "criminal" images has not dropped is that such images are driven by the ability of such people to meet and communicate by social media. They can't meet without in-the-clear communication. So all that needs to be done by legal authorities is impersonate a person who wants to see and share such images.

    1. Anonymous Coward

      Or just generate the images and then send them out to people who picked the wrong political side or failed to back you in the last leadership race.

      So much less effort than having to build camps in Siberia

      1. Michael Wojcik Silver badge

        It really is a bit of a coincidence that so many of the Evil Hackers we see arrested are then found to have CSAM on their seized computers, isn't it?

        Perhaps there's a correlation here which has previously eluded criminal science. Or perhaps we shouldn't trust these forensic investigations, particularly when so many labs have been found to be faking results for the prosecution. (Or here. Or here.)

        No doubt there are various reasons why forensics labs are untrustworthy. They have close relationships to police and prosecutors; they come under pressure from government officials; they know who butters their bread. But here in the US, at least, forensics is an untrustworthy, undersupervised mess; judges often prevent reasonable challenges to forensic results and bogus forensic "science" (e.g. bite identification); and the media conglomerates have been on a multi-decade offensive of forensics hagiography (CSI and the like).

        It's kind of a problem.

  9. CountCadaver Silver badge

    Plod noise Makes me think of

    "The only laws that matter are the laws of Australia"

    "This is a bill to define PI as 3 in this state"

    Also what are they REALLY up to or helping cover up with all this racket....it's too widespread to be a single govt or politico, which means the shit is about to hit the fan big style globally....another 1929esque depression but far worse?

    Some very very unpleasant bio weapon got loose and many fingers were in that pie?

    A very large corruption scandal involving cops and politicians?

    Seen to be "doing something"

  10. Alf Garnett

    If criminals...

    The governments are saying end to end encryption should be banned because criminals use it to do whatever. Following that logic, let's take a look at other things that should be banned. Cars and trucks should be banned because criminals use them to smuggle drugs and transport stolen goods among other things. Telephones should be banned because criminals use them to coordinate criminal activity or warn others about law enforcement activity. Computers should be banned because criminals use them to commit crimes. Acetylene torches should be banned because criminals use them. I could go on for hours, but you get the point.

    1. Catkin Silver badge

      Re: If criminals...

      Ban governments and police because they have been found to contain criminals.

      1. A.P. Veening Silver badge

        Re: If criminals...

        > Ban governments and police because they have been found to contain criminals.

        The best known group with the highest percentage of criminals in the USA is Congress (and no, I am not referring to Jan. 6).

  11. Tron Silver badge

    Nope.

    quote: If law enforcement wants it banned, they're going to have to prove their case.

    Untrue. Governments have never needed to prove their case to ban anything. They are the government, and if they want to ban anything, they can and will. They are the shepherds, we are the sheep. That's the model they run with. They will just cite national security, privacy, protecting the children and preventing assorted 'harms' to mental health.

    VPNs have been flickering with a few MS updates. I would expect bans on VPNs to be implemented in OSs. The same would be true for E2EE. All known app/lications using it would be killed by state decree. They can double up with ISP blocks, but the OSs would be where the primary gating would be. Governments have been banning people from doing stuff for a very long time and are good at it.

    1. Jamie Jones Silver badge

      Re: Nope.

      How could the OS stop me sending a document encrypted with a base64 one-time pad?

      Is it going to scan all documents for known words?

      If so, what if I use words in my key and text.. will the OS have to grok valid sentences?

      1. A.P. Veening Silver badge

        Re: Nope.

        > How could the OS stop me sending a document encrypted with a base64 one-time pad?

        Good luck with that, binaries (including images) are encoded with base64 when attached to emails.

        1. Jamie Jones Silver badge

          Re: Nope.

          Exactly!

  12. BPontius

    Anterior motives

    Don't know about the U.K., but I believe the inability to intercept criminals is just a cover-story in the U.S. The real reason they want to backdoor or get rid of encryption is to be able to do more spying and monitoring of citizens, leaders, protesters, political groups, special interest...etc. Naive of law enforcement to believe that eliminating or even backdooring encryption (pure fantasy), that criminals would not move to one-time pads or some obscure custom encryption as well as alternative means of communication. The U.S. Government claims their data collecting is helping to stop future terrorist attacks, yet the proven methodology of investigating is to only collect and keep relevant information. Quite the opposite of their method of hoarding Petabytes, Exabytes or Zettabytes of data and trying to find something.

    But as the NSA told Congress; "The data is not collected until an analyst looks at it.". So the fact that they have huge quantities of data in data centers, it has not been collected. They could still have data from 2003 when they spliced into AT&T's trunk lines still uncollected. Insane!!

    1. jmch Silver badge

      Re: Anterior motives

      "The data is not collected until an analyst looks at it."

      That is obvious BS weaselling, trying to redefine what 'collected' means. If the analyst is not looking at it in real time, it has been stored somewhere in the meantime, so by definition it HAS been collected the moment it is stored.

  13. Bartholomew
    Joke

    strong end to end encryption no backdoor required

    The simple solution is to encrypt all messages with two different public keys and send two copies. One public key for the real destination of the "private" message. And a second unique public key for the government's copy of the message which will be stored in perpetuity and can only be accessed offline with the unique private keys with a valid court order.

    And I suggest that this system be fully tested for at least 50 to 100 years using the communications of all law enforcement, and in fact the whole government (including GCHQ). Anyone found not using the system for communications is summarily executed for suspected treason.

    The main problem with such a system as outlined above is that criminals would not use it. Still, testing it for 50 to 100 years should give the government and law enforcement plenty of time to think about why it is such a stupid idea in the first place. And to be more careful about what they wish existed.

    1. Anonymous Coward
      Anonymous Coward

      Re: strong end to end encryption no backdoor required

      @Bartholomew

      Yes....I noticed the joke alert!

      But....you mentioned "public keys". You are probably thinking about stuff like RSA or PGP where end users have a public/private key pair.

      So last century!! With protocols like Diffie/Hellman, the encryption keys are completely random and are calculated when needed.....and then thrown away.

      Yup.......no encryption keys seen or stored anywhere at all. In this D/H environment, the snoops:

      (1) Don't know what encryption algorithm is being used (RSA, samba20, IDEA, RC5......)

      (2) Need to wonder if the target message might have been encrypted multiple times

      (3) Have no clue about the encryption key(s) (see above)

      Now....of course....the snoops can save encrypted messages for as long as they like....in the hope that cracking might one day be possible.

      .....but surely most (interesting) messages have a sell by date only a few hours, or a few days out?

      1. Anonymous Coward
        Anonymous Coward

        Re: strong end to end encryption no backdoor required

        This is a real world problem for telecoms providers.

        A few years ago I worked on the security aspects of a major telecoms company's SD-WAN development. It could be implemented as hub-and-spoke, fully-meshed, or a mixture of some site-to-site links and other routes going through a hub. All links used DH for key exchange. The telecoms company never knew the keys. The customer never knew the keys. They were only transient memory entries in the routers. In theory, messages might be intercepted at the hub as they were decrypted coming out of one spoke then reencrypted going into the next spoke, but the hardware type used in the core did not support the vendor's 'law enforcement snooping module'. The end-of-spoke routers within the hub did, but only on the external (i.e. encrypted) side so that was no use.

        Because of this lack of snooping capability, there were a number of countries where this product could not be sold. The USA was one of them.

      2. Pete Sdev
        Facepalm

        Re: strong end to end encryption no backdoor required

        >So last century!! With protocols like Diffie/Hellman, the encryption keys are completely random and are calculated when needed..

        Even when using a key agreement scheme like Diffie-Hellman, in practice a long-term key is needed for:

        a) Authentication

        b) Preventing man-in-the-middle attacks

        I hope to $DEITY you're not involved in writing cryptographic code or implementing protocols.
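The point made in the reply above, that an ephemeral Diffie-Hellman exchange still needs a long-term key to authenticate it, shown as an added example that is not part of any commenter's post. Assumptions: a toy group (`P`, `G`), a pre-shared long-term HMAC key standing in for long-term signing keys, and hypothetical function names; the substitution on the path is simulated in-process.

```python
import hashlib
import hmac
import secrets

# Assumption: toy group for illustration only (2**255 - 19 is prime, g = 2).
# Real protocols use vetted groups or curves such as X25519.
P = 2**255 - 19
G = 2

def keypair():
    """Fresh ephemeral DH key pair, discarded after one handshake."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    """Derive a symmetric key from the DH shared secret."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(32, "big")).digest()

def tag(long_term_key, role, pub):
    """Bind an ephemeral public value to a long-term key (HMAC stand-in)."""
    msg = role + pub.to_bytes(32, "big")
    return hmac.new(long_term_key, msg, hashlib.sha256).digest()

def handshake(long_term_key=None, interposed=False):
    """Simulate one exchange; return (alice_key, bob_key, accepted)."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    a_tag = tag(long_term_key, b"A", a_pub) if long_term_key else None
    b_tag = tag(long_term_key, b"B", b_pub) if long_term_key else None
    seen_by_bob, seen_by_alice = a_pub, b_pub
    if interposed:
        # A party on the path substitutes its own public value in both
        # directions; it cannot recompute the tags without the long-term key.
        _, m_pub = keypair()
        seen_by_bob = seen_by_alice = m_pub
    if long_term_key:
        ok = (hmac.compare_digest(tag(long_term_key, b"A", seen_by_bob), a_tag)
              and hmac.compare_digest(tag(long_term_key, b"B", seen_by_alice), b_tag))
        if not ok:
            return None, None, False  # substitution detected, handshake aborted
    return session_key(a_priv, seen_by_alice), session_key(b_priv, seen_by_bob), True

if __name__ == "__main__":
    ltk = secrets.token_bytes(32)  # constructed long-term key for the demo
    a, b, ok = handshake(interposed=True)
    print("unauthenticated, interposed: accepted =", ok, "| keys match =", a == b)
    print("authenticated, interposed:   accepted =", handshake(ltk, True)[2])
```

Without the long-term key both ends accept the exchange yet end up with different session keys; with it, the substituted public value fails verification and the handshake is refused.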

  14. Anonymous Coward
    Anonymous Coward

    UK here.

    We quite literally have politicians conducting government business using disappearing message features of E2EE messaging apps on personal devices specifically to avoid scrutiny and oversight.

    Until those fuckers start playing by the rules there is not a cat in hell's chance I will give up my encryption and not even then.

  15. Anonymous Coward
    Anonymous Coward

    Sigh......Assumptions Again.......

    These idiots in SW1 and Brussels ASSUME that only big interweb services (WhatsApp, Signal, Telegram) are significant in the E2EE game.

    Any determined group can implement PRIVATE encryption. Suppose this group uses, for example Signal:

    (1) Use private encryption for some communication.

    (2) Send privately encrypted message over Signal

    ......if the spooks have broken Signal E2EE.....what do the spooks find:

    (3) MORE ENCRYPTION

    READING LIST

    (a) Applied Cryptography, Schneier

    (b) Cryptography Engineering, Ferguson, Schneier, Kohno

    (c) samba20, chacha20, Daniel Bernstein

    (d) Curve25519, Daniel Bernstein

    (e) Linux, gcc, gmp..........all open source.......

    Sigh!!!!

    1. Mister Jones

      Re: Sigh......Assumptions Again.......

      So.....private encryption may solve the privacy problem (for some).

      The anonymity problem will be a bit harder!!

      1. Dr Dan Holdsworth
        Boffin

        Re: Sigh......Assumptions Again.......

        The answer is UseNet.

        When you want to talk simply send out an encrypted message to a UseNet group. This puts the message into the public domain without any specific destination; anyone can pick it up but only the recipient with the correct private key can decrypt it.

        To reply, do the same. All you have to do is preshare public keys and then you're laughing.

        1. Anonymous Coward
          Anonymous Coward

          Re: Sigh......Assumptions Again.......

          @Dr_Dan_Holdsworth

          About public and private keys..........so twentieth century.

          In 2024, people are using COMPLETELY RANDOM encryption keys....and throwing those keys away once used!!

          Do the words "Diffie" or "Hellman" ring any bells?

          ...and then again....Google have abandoned USENET.....so maybe you like "Eternal September"?

          Time to keep up.........

  16. JohnG

    Article 8 of the ECHR

    The right to privacy in one's communications is enshrined in Article 8 of the ECHR. While the police might like to see everyone's freedoms eroded to make their jobs easier, it isn't going to happen.

    This nonsense is similar to the NSA's 90s idea, the Clipper Chip. That nonsense didn't even fly in countries without ECHR or similar protections.

    1. 42656e4d203239 Silver badge

      Re: Article 8 of the ECHR

      >>This nonsense is similar to the NSA's 90s idea, the Clipper Chip

      And the CPU embedded Intel ME/AMD Secure Technology (Platform Security Processor) is different from Clipper?

    2. PerlyKing

      Re: Article 8 of the ECHR

      Is this the same ECHR that the UK government is so keen on leaving?

  17. navarac Silver badge

    How about

    How about we get ALL current and ex-police officers, politicians and civil servants to have a compulsory trial run on using comms WITHOUT E2EE encryption first. Just as a test run. Then make all of their comms public.

    That would concentrate the mind!

    1. Jamie Jones Silver badge

      Re: How about

      Silly Billy. It was never for THEM, just for US.

  18. Stephendeg

    Steganography?

    I do wonder how many of those cat pictures - or TikToks - are packed with god-knows-what by criminals using steganography?

  19. Danny 5

    When will the hurting stop?

    Can we please end this discussion? These nincompoops have no idea what they're talking about. For years all sorts of agencies have been complaining about encryption, requesting bans, requesting backdoors, requesting all sorts of things, without the burden of knowledge. You break encryption, you break a LOT of other things, it's as simple as that.

  20. steviebuk Silver badge

    Governments are fools

    "We need an end to end-to-end encryption or we need a back door that will only be used for good". It won't. But also, you force backdoors into apps, do you really think those crooks will use those apps? No, they'll hire someone to write their own end-to-end encryption and put it in their own app.

    1. martinusher Silver badge

      Re: Governments are fools

      Perhaps if they weren't in such a hurry to disband the "Government Code and Cypher School" at the end of WW2 and scatter its accumulated knowledge to the winds they'd have learned a couple of home truths about encryption. Like you don't need super-strong long key AES to keep messages safe, even a relatively straightforward system like Enigma is strong enough for everyday use. The chinks in the armor are key distribution and message procedures, something that the Bad Guys will know all about (unless they get lazy and buy a turnkey secure messaging system from the FBI, of course).

      The problem with government and its sycophants is that it only hears what it wants to hear. It still lives in fantasy world of secret blueprints, coded messages and cloak and dagger type spies. That's why the SOS ("same old shite") turns up year in, year out......we'll be back to the Clipper chip in a bit, I guess.

      1. StrangerHereMyself Silver badge

        Re: Governments are fools

        Hell, it took 5 decades and scores of cryptologists to break a simple multi-alphabetic Vigenère cipher cooked up by the Zodiac Killer. Neither the FBI nor NSA could solve it and it took someone writing custom-made software to unscramble most of the text.

  21. StrangerHereMyself Silver badge

    Prolific

    E2EE apps and services will become prolific because if you do NOT have E2EE on your massively popular messaging app there will be continuous pressure to "do more" by politicians and pressure groups against the spreading of fake news, grooming, CSAM.

    Therefore it is IN THE INTEREST of Big Tech to make sure they can't see anything their users are doing or saying. The pressure or even threats from politicians are then stopped dead in their tracks. I've seen this happening with Facebook and even more clearly MegaDownload. The latter introduced its E2EE file storage service a decade ago and all that time I haven't seen a single copyright or CSAM case being brought against the company. That shows it must be working as advertised because I'm absolutely convinced both are present on the service.

    What really will do LEA in is the spreading of "disappearing messages" already being used by most criminals and politicians (yep, I put them in the same sentence for a reason).

  22. Boolian

    Head Canon

    This is merely the deployment of more police, at little cost. This little polis now lives rent free in your head, and is responsible for self censorship, and suggestion.

    You might have communicated unencrypted via any medium, in the distant past - but now? Well, you are only going to consider encrypted messaging on specific electronic platforms, by methods suggested to you. For comms to be ubiquitous, the many will now also only consider communicating the same way, which requires no Mk1 eyeball to intercept whatsoever.

    For Skynet, we all know security is hard - that is canon.

    Howsoever, probably the easiest, secure personal comms available today is the snail-mail written letter; the author isn't known, the content is not known, the specific packet it is in is not known, the port it was delivered on is not known, etc ... and the final recipient and reader is not known.

    I say 'is not known' - not, 'cannot be known' - but to be known, LEOs or spooks are no longer in out the rain with no heavy lifting.

    That plaintext packet is easily intercepted - true, but it first requires several things to be known, and somewhere along the line, a chair needs to be missing an arse in order to know it.

    Encrypt the content with anything marginally better than a Caesar cypher, and odds are it will be sitting at the bottom of in-trays for a week - which if nothing else, loudly broadcasts the fact there was a MITM attack.

    Trenchcoats and fedoras, not hoodies and laptops is the future of secure, personal comms. In the age of Skynet, the only little polis is the one in your head, not on the street.

    /s

  23. Dale 3

    Strong encryption is good for the police

    Law enforcement needs strong, uncompromised encryption. Look what a success it was when they managed to infiltrate Encrochat. Criminal networks only used Encrochat because it was believed to be unbreakable. If it was known that there were weaknesses and backdoors they would have used something else. Or at least they wouldn't have talked so freely on it. When law enforcement infiltrated, it wasn't because of weaknesses or backdoors, they used other classic means, which I'm sure was much harder, riskier work, but it paid off for them bigly.
